sakula | 656518e51dc20b4727b0cde59cc303070677d76a99782bd62d94c633b8747e6c | Triage

Sharing

General

Target

2025-04-15_24e7140a327459f961761508759a7705_amadey_elex_rhadamanthys_sakula_smoke-loader
Size

92KB
Sample

250415-hezpqsyqy8
MD5

24e7140a327459f961761508759a7705
SHA1

a86873c75f5b78390dd697315182e3768c3174f3
SHA256

656518e51dc20b4727b0cde59cc303070677d76a99782bd62d94c633b8747e6c
SHA512

09b80d085766d8acbe11173b1f040aba6e9aa2a40bfc5a1b5c1cc57b7f6ab9b59db1b82fb8a41d4ccd215194ba1c9fd13862617c4efa574da9e576d4dca1b7e6
SSDEEP

1536:TJbCiJVkgMaT2itTkjoRXnM48dXFajVPYxCEtkz30rtrw:9bfVk29te2jqxCEtg30Bc

Score

10^/10

sakula discovery persistence rat trojan

Malware Config

Extracted

Family

sakula

C2

www.savmpet.com

Targets

- Target
  
  2025-04-15_24e7140a327459f961761508759a7705_amadey_elex_rhadamanthys_sakula_smoke-loader
- Size
  
  92KB
- MD5
  
  24e7140a327459f961761508759a7705
- SHA1
  
  a86873c75f5b78390dd697315182e3768c3174f3
- SHA256
  
  656518e51dc20b4727b0cde59cc303070677d76a99782bd62d94c633b8747e6c
- SHA512
  
  09b80d085766d8acbe11173b1f040aba6e9aa2a40bfc5a1b5c1cc57b7f6ab9b59db1b82fb8a41d4ccd215194ba1c9fd13862617c4efa574da9e576d4dca1b7e6
- SSDEEP
  
  1536:TJbCiJVkgMaT2itTkjoRXnM48dXFajVPYxCEtkz30rtrw:9bfVk29te2jqxCEtg30Bc
Score

10^/10

sakula discovery persistence rat trojan
- Sakula
  Sakula is a remote access trojan with various capabilities.
  trojan rat sakula
- Sakula family
  sakula
- Sakula payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sakuladiscoverypersistencerattrojan